Powered by Zoomin Software. For more details please contactZoomin

Administrate MarkLogic Server

Table of Contents

Enabling SSL Communication over XDQP

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: April 15, 2026
  • 1 minute read
    • MarkLogic Server
    • Version 11.0
    • Documentation

This image shows the options related to configuring SSL for intra-cluster XDQP communication on the Groups page:

Admin Interface Groups page screenshot of the options related to configuring SSL for intra-cluster XDQP communication

  • To enable encrypted SSL communication between hosts in the group, set XDQP SSL Enabled to true. All communications to and from hosts in the group will be secured--even if the other end of the socket is in a group that does not have SSL enabled.

  • The SSL keys and certificates used by the hosts are automatically generated when you install or upgrade MarkLogic Server. No outside authority signs the certificates used between hosts communicating over the internal XDQP connections in a cluster. Such certificates are self-signed and trusted by each host in the cluster. See Keeping XDQP Certificates Up to Date to keep these certificates up to date.

    Note:

    If you are enabling this feature well after initially installing MarkLogic Server, use the first API described in Keeping XDQP Certificates Up to Date to make sure all certificates are valid.

  • For details on configuring SSL communication between web browsers and app servers, see Configuring SSL on App Servers in Securing MarkLogic Server. For details on configuring FIPS 140-2 mode for SSL communication, see OpenSSL FIPS 140-2 Mode.

TitleResults for “How to create a CRG?”Also Available inAlert